4 Open and Free Disk and NAS Encryption Projects
TrueCrypt, FreeOTFEAs usual, the Free/Open Source software world provides the best security utilities for Windows, and for Linux and Mac as well. Eric Geier rounds up four encryption utilities for both local and network storage.
Though disk encryption has been around for many years, many of us don't take advantage of it. The basic concept is that your documents, files, and data are scrambled until you provide a password to unlock them. Therefore if your PC or laptop is stolen, the thief won't be able to read your data, protecting any sensitive information you might be storing.
TrueCrypt is one of the most popular on-the-fly encryption solutions with almost 16 million downloads from their site alone. It runs on all of the major platforms: Windows 7/Vista/XP, Mac OS X, and Linux. It features a variety of encryption options, including system drive support, hidden volumes, and support for hiding a Windows installation.
TrueCrypt supports three main encryption methods:
- File container: This basically operates like an encrypted zip file. Its looks like a single file, but when you provide the encryption password its mounted as a drive. Then you can copy files into it and access files just like you would with any other drive. Once you unmount it or restart the computer, the container is closed and remains encrypted. Keep in mind, since the file container is like any other file, you can still move, copy, or delete it. You can place the file container on your main hard drive, use it on a flash drive, or send it via email.
- Non-system partition or drive: This lets you encrypt an entire secondary partition, or a partition or drive where an operating system isn't installed. This can be on an internal hard drive, USB flash drive, solid-state drive, or other storage device. As with the file containers, you must mount the encrypted drive or partition using TrueCrypt before you can access it.
- System partition or entire drive: This lets you fully encrypt your system partition or drive. Keep in mind, Windows is the only supported operating system. All the Windows files and data will be protected in addition to your personal documents. This includes items you can't protect with the other two methods, like your browsing history, network and system passwords, temporary files, cache, hibernation files, and swap files. However, this is the most complex method and may require drive or partition modifications.
Each of these methods has a hidden implementation, giving you double-protection. You can create an outer encrypted volume and then place another encrypted volume inside it, useful if you are ever forced to reveal your password.
If you need help on setting up TrueCrypt, refer to a previous tutorial of mine on eSecurityPlanet, another Internet.com site.
FreeOTFE is another on-the-fly encryption solution. It runs on all Windows versions from 2000 to 7. They provide limited Linux support, but none for Mac OS X. However, they have a PDA utility for Windows Mobile 2003 and later.
FreeOTFE lets you create encrypted volumes using file containers, similar as discussed with the previous solution. You can also encrypt non-system partitions and entire disks. Plus you can create hidden volumes inside encrypted volumes. You cannot, however, encrypt the partition where an OS is installed like you can with Windows when using TrueCrypt.
This project provides three different utilities, where encrypted volumes you create in one are accessible in the others:
- FreeOTFE: This is the main utility, offering the most convenient encryption and decryption techniques.
- FreeOTFE Explorer: This is designed for use on flash and other portable drives. It lets you access the encrypted volume from any computer you plug into, even if you don't have administrative rights on that computer. The portable mode of the main FreeOTFE utility, and like most other encryption solutions, require admin rights to access the encrypted volume. This isn't the case for the FreeOTFE Explorer, you can even use it on public workstations.
- FreeOTFE4PDA: This brings disk encryption to your Windows Mobile PDAs.
For help on using FreeOTFE, refer to a previous tutorial of mine on eSecurityPlanet.